Releases: ossf/scorecard-monitor
Releases · ossf/scorecard-monitor
v2.0.0-beta8
What's Changed
Important
Governance
The project has been donated to the OSSF, so now it is an official tool in the Scorecard ecosystem, read the announcement. So the repository is now located in ossf/scorecard-monitor and not as UlisesGascon/openssf-scorecard-monitor. You can use now ossf/[email protected] to use this action.
License change
The project has change the license from MIT to APACHE 2.0
Main Changes
- Improved documentation
- Updated templates and project metadata to reflect the OSSF donation
- Updated references to the new URL for the Scorecard Visualizer
- Dependencies upgrades
- Improved CI to validate the dist content
PRs
- Minor docs cleanup by @justaugustus in #72
- Document limitations on automatically tracked projects by @lelia in #73
- Adjustments for OSSF Donation by @UlisesGascon in #74
- Migration to OSSF Org by @UlisesGascon in #75
- chore(deps): bump ejs from 3.1.9 to 3.1.10 by @dependabot in #76
- chore(deps): bump undici from 5.28.2 to 5.28.4 by @dependabot in #77
- Refactor to use new OSSF Scorecard visualizer URL by @UlisesGascon in #78
- Add OSSF donation announcement by @UlisesGascon in #80
- Prepare v2.0.0-beta8 release by @UlisesGascon in #81
- chore(deps-dev): bump braces from 3.0.2 to 3.0.3 by @dependabot in #82
- Add step to validate the dist folder content by @UlisesGascon in #84
- Fix issue template
ossflink by @lelia in #83 - add contributing guide by @UlisesGascon in #85
- docs: Minor cleanups including lint warnings and structure by @justaugustus in #87
New Contributors
- @justaugustus made their first contribution in #72
- @dependabot made their first contribution in #76
Full Changelog: v2.0.0-beta7...v2.0.0-beta8
Contributors
justaugustus, lelia, and 2 other contributors
Assets 2
v2.0.0-beta7
What's Changed
Main Changes
- Improve documentation
- Upgrade dependencies and moved to [email protected]
PRs
- Update docs & add requirements for Scorecard by @lelia in #68
- Upgrade to [email protected] by @UlisesGascon in #69
- Upgrade project dependencies by @UlisesGascon in #70
- Bump to v2.0.0-beta7 by @UlisesGascon in #71
New Contributors
Full Changelog: v2.0.0-beta6...v2.0.0-beta7
Contributors
lelia and UlisesGascon
Assets 2
v2.0.0-beta6
What's Changed
Features
- Added comparator to monitor
- Docs: Added PR Strategy reference
- Improved table copy (titles and rows)
PRs
- Added PR Strategy reference by @UlisesGascon in #61
- Feat: change table copy by @KoolTheba in #62
- Feat: add comparator to monitor by @KoolTheba in #63
- chore: bump to v2.0.0-beta6 by @KoolTheba in #64
- fix: added 2.0.0-beta6 build by @UlisesGascon in #65
Full Changelog: v2.0.0-beta5...v2.0.0-beta6
Contributors
UlisesGascon and KoolTheba
Assets 2
v2.0.0-beta5
What's Changed
- Feat: immutable reports by @KoolTheba in #59
- chore: bump to v2.0.0-beta5 by @KoolTheba in #60
Full Changelog: v2.0.0-beta4...v2.0.0-beta5
Contributors
KoolTheba
Assets 2
v2.0.0-beta4
What's changed
Main changes
- Documentation improvements
- Added
render-badgeinput (#46) - Fixed typo in http protocol (3715cae)
- Added
report-toolinput and new visualization tool (#57)
PRs
- Docs: 2.0.0 beta3 by @UlisesGascon in #40
- docs: extended documentation to explain case sensitive scenarios by @UlisesGascon in #41
- chore: normalized gitignore by @UlisesGascon in #50
- Enable support for OpenSSF Badges instead of only scores by @rajbos in #46
- fix: replaced http protocol for https by @KoolTheba in #56
- Added new visualization tool by @UlisesGascon in #57
- Release v2.0.0-beta4 by @KoolTheba in #58
Full Changelog: v2.0.0-beta3...v2.0.0-beta4
Contributors
UlisesGascon, rajbos, and KoolTheba
Assets 2
v2.0.0-beta3
What's Changed
- Added fix link for stepSecurity
- Added issue assignation and labels
PRs
- Docs: improvements by @UlisesGascon in #33
- feat: added fix link for stepSecurity by @UlisesGascon in #38
- feat: added issue assignation and labels by @UlisesGascon in #39
Full Changelog: v2.0.0-beta2...v2.0.0-beta3
Contributors
UlisesGascon
Assets 2
v2.0.0-beta2
What's Changed
Main changes
- Improved report tags management (hidden titles)
- Fix: boolean logic to trigger report tags
Prs
- fix: inverted boolean logic to store tagged report by @UlisesGascon in #30
- Hide titles if the tags mode is enabled by @KoolTheba in #32
New Contributors
- @KoolTheba made their first contribution in #32
Full Changelog: v2.0.0-beta1...v2.0.0-beta2
Contributors
UlisesGascon and KoolTheba
Assets 2
v2.0.0-beta1
b2fa3a9
This commit was signed with the committer’s verified signature.
UlisesGascon
Ulises Gascón
What's Changed
Main changes
- Improved argument management from the pipeline
- Utils relocated as external libraries
- Extended reporting to support commit hash reference
- Added report data as output (JSON Format)
- Added files content validation against JSON Schemas
- Added support for content tags in the report, so the report can be added/updated as a markdown block in a file
- Added Discovery capabilities, so the action will auto-scope organizations / users
- Added excluded capabilities to the discovery
- Better documentation
Context
- docs: added proper marketplace version by @UlisesGascon in #8
- Fix minor details by @UlisesGascon in #15
- Improved Boolean logic by @UlisesGascon in #16
- Refactor Utilities by @UlisesGascon in #18
- feat: added scores as output by @UlisesGascon in #19
- feat: added commit reference to reports by @UlisesGascon in #21
- Added support for custom tags in the markdown report by @UlisesGascon in #22
- feat: added auto-scoping by @UlisesGascon in #23
- docs: added version reference by @UlisesGascon in #24
- fix minor bugs for v2 beta1 by @UlisesGascon in #25
- feat: renamed auto-scope to discovery by @UlisesGascon in #26
- Feat/json schemas by @UlisesGascon in #27
- fix: dependency reference by @UlisesGascon in #28
- fix: bad object reference by @UlisesGascon in #29
Full Changelog: v1.0.1...v2.0.0-beta1
Contributors
UlisesGascon
Assets 2
v1.0.1
What's Changed
Main changes
- Added Github Action Branding
PRs
- chore: added github action branding by @UlisesGascon in #7
Changelog
Other
- added github action branding (831364a)
Full Changelog: v1.0.0...v1.0.1
Contributors
UlisesGascon
Assets 2
v1.0.0
What's Changed
Main changes
- Added support for Github Actions (input, setup...)
- Added basic chore setup (NPM Scripts, linting, pipelines, testing... )
- Added Dependencies (dev and prod...)
- Limited support to Node v16
- Added issue and report templating with Ejs
- Added logic to manage local json database
- Added markdown format to report and issues
- Added documentation, images and demo repo references
- Added API request management including HTTP limits for parallel requests
- Added logic to compare new and historical scores
PRs
- Initial Setup by @UlisesGascon in #1
- Added Analysis logic by @UlisesGascon in #2
- Ported to GitHub Action by @UlisesGascon in #3
- Fix: minor bugs by @UlisesGascon in #4
- chore: linting by @UlisesGascon in #5
- docs: improved documentation by @UlisesGascon in #6
Changelog
Features
- added basic github action definition (f98ce7c)
- added basic utilities (cf3fdb1)
- added commit changes capability (6a82bda)
- added default settings (1382939)
- added dependency vercel/ncc (6daf8c8)
- added Ejs as dependency (ddb8091)
- added empty config file (0ab5133)
- added empty db file (5d9e236)
- added github action core logic (324614d)
- added issue template (71f9bbb)
- added markdown reporting (c38a0d8)
- added max resquest in settings (868c4b8)
- added notification settings (2e008f5)
- added octokit/rest library (f7eacf0)
- extended inputs (1e80345)
- simplified legacy code (eb024ed)
- WIP core logic (939ebba)
Bug Fixes
Other
- added actions dependencies (42029e2)
- added basic documentation (ca9d057)
- added build step (edfbc40)
- added CI pipeline (14cc3ef)
- added dependency (84bf461)
- added dev dependencies (61fb9df)
- added dist folder (b51795a)
- added extra references (a04f4d0)
- added husky git hooks (cf56817)
- added initial file (7ef1880)
- added linting (b1ba183)
- added nodejs engine specs (fc35159)
- added test support (60c3763)
- avoid npm publication (33aca47)
- dist added (afcf7a1)
- downgrade to got v11 (47fa4da)
- downgrade to Node v16 (006443a)
- extended releases config (3ca4134)
- extended releases config (0668780)
- ignored dist folder for linting (28e8390)
- improved documentation (22bd265)
- linting (a166a68)
- linting (e889af3)
- linting (ed33e9a)
- npm initialization (fb2613b)
- removed md extension from template location (7be296d)
- removed reference files (918708a)
New Contributors
- @UlisesGascon made their first contribution in #1
Full Changelog: https://github.com/UlisesGascon/openssf-scorecard-monitor/commits/v1.0.0
Contributors
UlisesGascon